Phishing attacks have now become something of a daily occurrence for many. Yet, the reason why these malicious campaigns remain successful lies in their creativity. Once again, we hear of a creative phishing technique that involves tech support as well. We are talking about an Office 365 phishing campaign that cons users by providing live chat support.

Office 365 Phishing Site Offers Live Support

A security researcher Michael Gillespie has recently unveiled a phishing campaign that exploits Microsoft Office 365. However, it does not target any MS Office tool or feature, rather the phishing comes up as a tech support scam.

Michael Gillespie, the creator of ID Ransomware, first discovered this Office 365 phishing scam. He then shared his discovery publicly via a tweet.

According to Bleeping Computer, Gillespie came across a fake tech support website for Microsoft Office 365 after he received a spam email from a fake Microsoft account. The email allegedly alerted him for renewal of his Office Suite subscription. However, the researcher spotted that fake email address that goes info(at)officefamily(dot)us. Here, the word “officefamily” may fool some users to the legitimacy of the email.

Upon clicking on the provided link, the researcher reached a fake tech support website “mso365[.]tech”. According to his observation, the website had a very poor design that won’t really trick any savvy Office365 user. However, what made this site attractive was the presence of a live chat support option powered by tawk.to.

Tawk.to Banned The Scammers

After Gillespie reached the scam website and noticed the chat support, he thought to give it a try. He then conversed with the alleged chat agent only to find is speculations correct. He also shared his conversation publicly by mentioning the link in his tweet.

As revealed, the scammers asked him to provide his email address and account details to provide support. However, the alleged chat agent ended the chat the moment Gillespie typed in his message “Yes. This site is a phishing scam.”

Gillespie brought this matter to the notice of tawk.to, who then banned the ‘bad actor’. However, they were quick to go live again.

Once again, the researcher interacted with their live support and found that the scammers are now interested in obtaining phone numbers. Gillespie then reported tawk.to once again. As a result, tawk.to banned the domain of the scammers at once.

We've banned their domain from being able to add a widget again.. doesn't stop them from registering a new domain though :/ And the chase continues.. ?‍♂️vs?‍♂️

Nonetheless, it does not indicate that the scammers won’t come into action again. Therefore, one should be very careful while clicking on links given in emails, and while communicating with any online tech support.

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Related

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]